If you are an Asda’s customer, don’t forget to change your password.
Remember to look every time if the url login page starts by “https”, the HTTPS certificate could be expired at any moment and it was the case for Asda…
Asda supermarket’s website had a bug that exposed personal information and payment details of millions of its online shopping customers. The bug could have potentially provided hackers access to sensitive information from the company’s internal servers, say experts.
The Walmart-owned supermarket was first contacted by security expert Paul Moore in March 2014, when he first observed the security issue. Moore opined that the security flaw could have potentially jeopardised millions of transactions, especially given that the supermarket processes a multitude of online orders every week.
Asda said that it has now fixed the bug. According to a report by BBC, the company said: “Asda and Walmart take the security of our websites very seriously. We are aware of the issue and have implemented changes to improve the security on our website.” The US-run retail chain also said that it has updated its online security system and is currently working on implementing additional enhancements to bolster its online security.
Although Asda has said that it has now fixed the issue, with the reassurance that no customers’ sensitive data was affected, Moore contended that the firm should have acted more quickly to correct the problem. He said, “Back in March 2014, I contacted Asda to report several security vulnerabilities and despite a fix promised ‘in the next few weeks’, little appears to have changed.”
Source : IBTIMES.CO.UK